Sql injection

A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /shownews.php. The manipulation of the argument id with the input AND SELECT 1222 FROMSELECT COUNT,CONCAT0x71786b7a71,SELECT...

CVE-2017-20139 Itech Movie Portal Script show_news.php Error sql injection

A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /shownews.php. The manipulation of the argument id with the input AND SELECT 1222 FROMSELECT COUNT,CONCAT0x71786b7a71,SELECT...

CuteNews 1.4.1 Show_News.PHP Cross-Site Scripting Vulnerability

No description provided by source...

CuteNews 1.4.5 show_news.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

Cross site scripting

Cross-site scripting XSS vulnerability in shownews.php in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the show parameter...

CVE-2006-0885

CVE-2006-0885 describes a Cross-site scripting (XSS) vulnerability in show_news.php of CuteNews 1.4.1 . The issue arises from insufficient input sanitization of the show parameter, allowing remote attackers to inject arbitrary web script or HTML. The available sources indicate that the vulnerabil...

CuteNews1.4.1.txt

CuteNews 1.4.1 Arbitrary file inclusion / remote code execution exploit software: site: http://cutephp.com/ description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading,...

CuteNews 'show_news.php' XSS Vulnerability

CuteNews is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cutephp:cutenews";...

CVE-2005-2394

The CVE-2005-2394 entry concerns CuteNews 1.3.6: the show_news.php script can disclose the server’s full path through an invalid archive parameter. This is a path disclosure vulnerability (network access, low complexity) with partial confidentiality impact and no integrity or availability impact ...

CVE-2004-1660

CVE-2004-1660 affects CuteNews 1.3.6 and earlier. The vulnerability is a PHP remote file inclusion via the cutepath parameter to show_archives.php or show_news.php, enabling remote code execution. Public references (NVD entry) confirm the affected software, vulnerability class, and attack vector ...